Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/j1-j6rVBFYoLGz5sSyiFZSVnRH4.roa
File:                     j1-j6rVBFYoLGz5sSyiFZSVnRH4.roa (raw, json)
Hash identifier:          4Hspw+LFIHr8SylxePgjZx5cnA6bHhUS7P2NP15Kubc=
Subject key identifier:   8F:5F:A3:EA:B5:41:15:8A:0B:1B:3E:6C:4B:28:85:65:25:67:44:7E
Certificate issuer:       /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Certificate serial:       0189F4984916912655EEB9C09A09432AFF41
Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/j1-j6rVBFYoLGz5sSyiFZSVnRH4.roa
Signing time:             Mon 14 Aug 2023 15:09:28 +0000
ROA not before:           Mon 14 Aug 2023 15:09:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7155
IP address blocks:        164.215.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f4:98:49:16:91:26:55:ee:b9:c0:9a:09:43:2a:ff:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
        Validity
            Not Before: Aug 14 15:09:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f5fa3eab541158a0b1b3e6c4b2885652567447e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:9b:d8:98:3c:44:88:8a:30:72:14:74:fe:d9:
                    01:1a:b0:c2:cf:3b:5c:ed:6f:b2:f7:c4:43:44:0b:
                    8a:08:a7:d0:ac:db:c6:0c:f4:6b:5e:7b:99:bb:4c:
                    c6:d8:e1:c3:b4:76:52:83:90:84:eb:e1:af:00:49:
                    31:61:0a:41:f8:67:1f:c2:2f:69:9d:b6:a3:3e:15:
                    3b:61:ce:56:8e:fe:86:0c:87:8e:29:ba:59:44:de:
                    57:04:d7:93:6f:f6:a9:9c:90:b3:5a:2d:f5:63:59:
                    e2:2d:92:27:f0:fb:77:20:63:20:55:a6:cc:98:96:
                    a6:9a:0d:17:ed:99:70:99:0b:e0:33:24:99:d3:fd:
                    02:04:88:7c:1e:96:c4:a5:1d:4b:08:34:e2:59:9d:
                    1d:7a:1a:8e:b2:80:75:f7:35:54:e6:27:c9:44:78:
                    9d:28:6c:aa:e1:2e:86:0b:f6:6a:e7:43:29:7e:fc:
                    cd:96:7f:06:39:29:c3:fd:d2:eb:49:cb:83:bb:87:
                    18:4c:ff:3a:e9:92:10:4c:4f:20:ba:02:04:39:f9:
                    04:3c:a0:84:aa:e9:69:4e:00:84:3d:4c:37:6a:39:
                    11:d0:80:8f:b0:1e:01:10:c0:a6:2b:d4:bc:93:d3:
                    fa:a7:84:57:7a:e1:af:1f:c6:e0:62:ea:4d:16:2a:
                    fb:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:5F:A3:EA:B5:41:15:8A:0B:1B:3E:6C:4B:28:85:65:25:67:44:7E
            X509v3 Authority Key Identifier:
                keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/j1-j6rVBFYoLGz5sSyiFZSVnRH4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.215.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:e4:99:a7:1e:52:32:dd:3a:e5:b3:69:7b:40:ca:1d:25:13:
         b3:29:be:8a:8d:64:9e:6c:f1:f3:03:f3:b8:a0:61:ad:97:eb:
         07:a2:d5:6f:f4:b8:41:84:50:bc:dc:12:27:9c:cd:ce:17:91:
         3c:59:a8:93:b1:b1:a6:9e:d5:9e:9d:c4:d5:10:cc:81:4c:c8:
         c4:4d:5f:25:a5:d5:e6:96:05:a2:19:9e:0d:61:e1:26:8c:f5:
         3b:35:a7:e4:8a:a0:6a:bd:d5:fb:e5:a4:03:80:e5:59:4d:b2:
         5d:95:2a:7d:24:d1:12:22:2e:0c:50:93:11:bb:a5:eb:6e:02:
         ae:eb:ba:f1:d1:39:d1:b1:bd:f3:f3:66:86:74:f4:7f:2c:6a:
         ed:c8:2f:55:01:c6:2c:a8:69:9c:5c:b2:43:9e:b1:45:08:36:
         17:48:5f:4e:13:6e:f5:95:0f:c5:75:06:91:18:de:cf:fe:15:
         5d:dd:98:ba:9d:38:d0:f9:e9:5f:de:f4:c8:78:42:ca:5b:08:
         8a:12:08:95:8f:30:6f:a7:01:af:b1:ba:4a:0a:c1:61:27:1a:
         4b:8c:13:96:ff:a0:dc:64:ce:ff:e0:f4:51:5c:06:bf:78:d6:
         31:e8:15:e1:13:b6:ea:8a:5f:a9:5a:66:87:9f:96:f8:dd:96:
         0f:5c:3c:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn0mEkWkSZV7rnAmglDKv9BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNjViN2I3Yjg5OGZhYWVlNzA3NjdkMDk3MTVjNDM2YTgz
ZmNkYzIwHhcNMjMwODE0MTUwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjVmYTNlYWI1NDExNThhMGIxYjNlNmM0YjI4ODU2NTI1Njc0NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5vYmDxEiIowchR0/tkBGrDCzztc
7W+y98RDRAuKCKfQrNvGDPRrXnuZu0zG2OHDtHZSg5CE6+GvAEkxYQpB+Gcfwi9p
nbajPhU7Yc5Wjv6GDIeOKbpZRN5XBNeTb/apnJCzWi31Y1niLZIn8Pt3IGMgVabM
mJammg0X7ZlwmQvgMySZ0/0CBIh8HpbEpR1LCDTiWZ0dehqOsoB19zVU5ifJRHid
KGyq4S6GC/Zq50MpfvzNln8GOSnD/dLrScuDu4cYTP866ZIQTE8gugIEOfkEPKCE
qulpTgCEPUw3ajkR0ICPsB4BEMCmK9S8k9P6p4RXeuGvH8bgYupNFir7/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9fo+q1QRWKCxs+bEsohWUlZ0R+MB8GA1UdIwQY
MBaAFB1lt7e4mPqu5wdn0JcVxDaoP83CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUt
OGZjMzczNzU3Njg0LzEvajEtajZyVkJGWW9MR3o1c1N5aUZaU1ZuUkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUtOGZjMzczNzU3Njg0
LzEvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApNdtMA0G
CSqGSIb3DQEBCwUAA4IBAQAf5JmnHlIy3Trls2l7QModJROzKb6KjWSebPHzA/O4
oGGtl+sHotVv9LhBhFC83BInnM3OF5E8WaiTsbGmntWencTVEMyBTMjETV8lpdXm
lgWiGZ4NYeEmjPU7NafkiqBqvdX75aQDgOVZTbJdlSp9JNESIi4MUJMRu6XrbgKu
67rx0TnRsb3z82aGdPR/LGrtyC9VAcYsqGmcXLJDnrFFCDYXSF9OE271lQ/FdQaR
GN7P/hVd3Zi6nTjQ+elf3vTIeELKWwiKEgiVjzBvpwGvsbpKCsFhJxpLjBOW/6Dc
ZM7/4PRRXAa/eNYx6BXhE7bqil+pWmaHn5b43ZYPXDzJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:10 2024 by rpki-client on console-fra.rpki-client.org